35 lines
771 B
Plaintext
35 lines
771 B
Plaintext
# /etc/strongswan.conf - strongSwan configuration file
|
|
|
|
charon {
|
|
load = curl aes md5 sha1 sha2 hmac gmp pem pkcs1 random nonce x509 revocation stroke kernel-netlink socket-default eap-identity eap-ttls eap-md5 eap-tnc tnc-imv tnc-tnccs tnccs-20 updown sqlite
|
|
multiple_authentication=no
|
|
plugins {
|
|
eap-ttls {
|
|
phase2_method = md5
|
|
phase2_piggyback = yes
|
|
phase2_tnc = yes
|
|
}
|
|
eap-tnc {
|
|
protocol = tnccs-2.0
|
|
}
|
|
}
|
|
}
|
|
|
|
libimcv {
|
|
database = sqlite:///etc/pts/config.db
|
|
policy_script = ipsec imv_policy_manager
|
|
plugins {
|
|
imv-attestation {
|
|
hash_algorithm = sha1
|
|
dh_group = modp2048
|
|
mandatory_dh_groups = no
|
|
}
|
|
}
|
|
}
|
|
|
|
attest {
|
|
load = random nonce openssl sqlite
|
|
database = sqlite:///etc/pts/config.db
|
|
}
|
|
|